cisco password recovery

For example, when I put the following command with clear-text password into a Cisco config:
enable secret foobar
then when I do a 'show config' command (assuming I have "service password-encryption" enabled), what I see is something like this:
enable secret 5 $1$pdQG$0WzLBXV98voWIUEdIiLm11

As per this website, the OpenSSL command line utility appears to provide the functionality you need:

$ openssl passwd -1 -salt pdQG -table foobar
foobar  $1$pdQG$0WzLBXV98voWIUEdIiLm11
And there is presumably an equivalent function in the library itself.
 The printable form of MD5 password hashes starts with $1$.
salt is $pdQG$
 a thousand iterations of md5 hash is $0WzLBXV98voWIUEdIiLm11

openssl md5crypt : http://haxcess.com/2008/10/21/cisco-password-recovery/
openssl : http://openssl.org/docs/apps/passwd.html#
md5crypt alg : http://en.wikipedia.org/wiki/Crypt_%28Unix%29#MD5-based%5Fscheme

No comments:

Post a Comment